I have a simple question for Java SSL experts.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(KeyStore.getInstance(mykeyfile, password), password);
In the above code snippet, what is the need for providing 2 passwords?
KeyStore.getInstance(mykeyfile, password)
This is for the keystore, which I get. What is the need for the keyManagerFactory to use a password in the init method?
I found this in the Javadoc and it is confusing, hence this question!
Keystore class says this.
KeyManagerFactory
Some Java keystore formats, particularly JKS and JCEKS, can have one password for the store (file) plus a separate, different password for the (or each) private key in that store. Since 2017 Oracle has been pushing Java developers and users to use or switch to PKCS12, and (in Java) PKCS12 does not support different passwords, but people still can use other formats and this capability remains in the (mostly previously defined) API. (PS: this is really cryptography not just SSL/TLS; Java cryptography can be and is also used for many other things.)
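The store password and per-entry password described above, shown as an added example that is not part of the original answer. It uses an in-memory JCEKS store and an AES secret key so it runs without a certificate; the class name, alias and both passwords are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class TwoPasswordsDemo {
    public static void main(String[] args) throws Exception {
        // Constructed sample values, not taken from the question.
        char[] storePassword = "store-pass-example".toCharArray();
        char[] keyPassword = "key-pass-example".toCharArray();

        SecretKey key = KeyGenerator.getInstance("AES").generateKey();

        // Build the store: the entry is sealed with keyPassword,
        // the store as a whole is integrity-protected with storePassword.
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null); // start from an empty in-memory store
        ks.setKeyEntry("demo", key, keyPassword, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, storePassword);

        // Loading only needs the store password.
        KeyStore loaded = KeyStore.getInstance("JCEKS");
        loaded.load(new ByteArrayInputStream(out.toByteArray()), storePassword);

        // Reading the key needs the entry password; this is the role of the
        // second argument to KeyManagerFactory.init for private key entries.
        boolean recovered = loaded.getKey("demo", keyPassword) != null;
        System.out.println("entry password recovers key: " + recovered);

        try {
            loaded.getKey("demo", storePassword);
            System.out.println("store password recovered key (unexpected)");
        } catch (UnrecoverableKeyException e) {
            System.out.println("store password rejected for entry");
        }
    }
}
```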